jwt_signed_request 2.3.0 → 2.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -1
- data/lib/jwt_signed_request/middlewares/rack.rb +4 -2
- data/lib/jwt_signed_request/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f1437c1fe1c8ace216bfb4794b2d8f434383a6a0
|
4
|
+
data.tar.gz: 8f6cf18fe5b27219e659e53495308324494f20e8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 17a865b7d0439a4cebdb9f7a280729681ff442e05c52c722b81f792a2b33fa62050b89cf1c4b69c6ede112d62d4967f64d7915553396b2ec934bda5cb9eafac5
|
7
|
+
data.tar.gz: 2755fcdccfb5f398647d97699a7082196b723b2ff32e41700691dc8348e697c138edc09193be2fa495dec904cfbdbda06832b207b98caa0d2856e2242b6b75c2
|
data/README.md
CHANGED
@@ -158,7 +158,8 @@ JWT tokens contain an expiry timestamp. If communication delays are large (or sy
|
|
158
158
|
```ruby
|
159
159
|
class Server < Sinatra::Base
|
160
160
|
use JWTSignedRequest::Middlewares::Rack,
|
161
|
-
exclude_paths: /public|health
|
161
|
+
exclude_paths: /public|health/, # optional regex
|
162
|
+
leeway: 100 # optional
|
162
163
|
end
|
163
164
|
```
|
164
165
|
|
@@ -10,6 +10,7 @@ module JWTSignedRequest
|
|
10
10
|
@app = app
|
11
11
|
@secret_key = options[:secret_key]
|
12
12
|
@algorithm = options[:algorithm]
|
13
|
+
@leeway = options[:leeway]
|
13
14
|
@exclude_paths = options[:exclude_paths]
|
14
15
|
end
|
15
16
|
|
@@ -19,7 +20,8 @@ module JWTSignedRequest
|
|
19
20
|
args = {
|
20
21
|
request: ::Rack::Request.new(env),
|
21
22
|
secret_key: secret_key,
|
22
|
-
algorithm: algorithm
|
23
|
+
algorithm: algorithm,
|
24
|
+
leeway: leeway
|
23
25
|
}.reject { |_, value| value.nil? }
|
24
26
|
|
25
27
|
::JWTSignedRequest.verify(**args)
|
@@ -33,7 +35,7 @@ module JWTSignedRequest
|
|
33
35
|
|
34
36
|
private
|
35
37
|
|
36
|
-
attr_reader :app, :secret_key, :algorithm, :exclude_paths
|
38
|
+
attr_reader :app, :secret_key, :algorithm, :leeway, :exclude_paths
|
37
39
|
|
38
40
|
def excluded_path?(env)
|
39
41
|
!exclude_paths.nil? &&
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt_signed_request
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Envato
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-
|
11
|
+
date: 2018-07-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
145
145
|
version: '0'
|
146
146
|
requirements: []
|
147
147
|
rubyforge_project:
|
148
|
-
rubygems_version: 2.
|
148
|
+
rubygems_version: 2.5.1
|
149
149
|
signing_key:
|
150
150
|
specification_version: 4
|
151
151
|
summary: JWT request signing and verification for Internal APIs
|